AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-03-01 18:28:24 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity

ima: audit is compiled only when enabled

Browse Source 
IMA auditing code was compiled even when CONFIG_AUDIT was not enabled.
This patch compiles auditing code only when possible and enabled.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
Dmitry Kasatkin 2012-06-25 12:18:21 +03:00 committed by Mimi Zohar
parent 7ff2267af5
commit 417c6c8ee2
4 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
security/integrity/ima/Kconfig
View File

@ -38,8 +38,9 @@ config IMA_MEASURE_PCR_IDX
measurement list. If unsure, use the default 10. measurement list. If unsure, use the default 10.
config IMA_AUDIT config IMA_AUDIT
bool bool "Enables auditing support"
depends on IMA depends on IMA
depends on AUDIT
default y default y
help help
This option adds a kernel parameter 'ima_audit', which This option adds a kernel parameter 'ima_audit', which

3
security/integrity/ima/Makefile
View File

@ -6,4 +6,5 @@
obj-$(CONFIG_IMA) += ima.o obj-$(CONFIG_IMA) += ima.o
ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
ima_policy.o ima_audit.o ima_policy.o
ima-$(CONFIG_IMA_AUDIT) += ima_audit.o

9
security/integrity/ima/ima.h
View File

@ -61,10 +61,19 @@ struct ima_queue_entry {
}; };
extern struct list_head ima_measurements; /* list of all measurements */ extern struct list_head ima_measurements; /* list of all measurements */
#ifdef CONFIG_IMA_AUDIT
/* declarations */ /* declarations */
void integrity_audit_msg(int audit_msgno, struct inode *inode, void integrity_audit_msg(int audit_msgno, struct inode *inode,
const unsigned char *fname, const char *op, const unsigned char *fname, const char *op,
const char *cause, int result, int info); const char *cause, int result, int info);
#else
static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
const unsigned char *fname,
const char *op, const char *cause,
int result, int info)
{
}
#endif
/* Internal IMA function definitions */ /* Internal IMA function definitions */
int ima_init(void); int ima_init(void);

3
security/integrity/ima/ima_audit.c
View File

@ -17,8 +17,6 @@
static int ima_audit; static int ima_audit;
#ifdef CONFIG_IMA_AUDIT
/* ima_audit_setup - enable informational auditing messages */ /* ima_audit_setup - enable informational auditing messages */
static int __init ima_audit_setup(char *str) static int __init ima_audit_setup(char *str)
{ {
@ -29,7 +27,6 @@ static int __init ima_audit_setup(char *str)
return 1; return 1;
} }
__setup("ima_audit=", ima_audit_setup); __setup("ima_audit=", ima_audit_setup);
#endif
void integrity_audit_msg(int audit_msgno, struct inode *inode, void integrity_audit_msg(int audit_msgno, struct inode *inode,
const unsigned char *fname, const char *op, const unsigned char *fname, const char *op,